1. Field
Exemplary embodiments of the present invention relate to preventing a connection to a cloned access point (AP) and preventing an automatic connection to the cloned AP having a same service set identifier (SSID) in a wireless local area network (WLAN) as an authorized wireless AP, and more particularly, to an apparatus and method for providing the security of a network connection.
2. Discussion of the Background
Korean Patent-Application No. 10-2011-0038397 discloses a method for setting a wireless local area network (WLAN). An image display device may be used, and an access point (AP) may generate an encryption key, display the generated encryption key on a display, transmit the generated encryption key to a wireless router, and allow connection to the wireless router based on the transmitted encryption key.
A terminal may minimize a number of alterations made by a user when setting the WLAN, may set the WLAN using the encryption key displayed on the image display device, to ensure security.
The method for setting the WLAN using the image display device that supports the WLAN may correspond to a security management method based on a wireless AP. Communication with a predetermined wireless AP may be performed by transmitting an authentication number used by the predetermined wireless AP when connecting to the predetermined wireless AP. Thus, a terminal allowed by the predetermined wireless AP may be connected, and a terminal rejected by the predetermined wireless AP may be disconnected, which may help prevent unauthorized or not allowed connections of terminals and maintain a secure communication environment.
However, in the security management method based on a wireless AP, a terminal connected to the wireless AP may be subject to a compromise, and may fail to recognize the security compromised because a cloned AP has the same service set identifier (SSID). As such, the terminal may be connected to the cloned wireless AP according to a request from the cloned wireless AP to exchange information, which may put a significant amount of user information at risk of being compromised.
The terminal may attempt access to a wireless AP other than the same wireless AP in response to recognition of an SSID by attempting automatic access to the wireless AP, which may lead to access to a cloned wireless AP having the same SSID. In this instance, the terminal may not recognize compromise from a cloned AP, and may allow complete access to the cloned AP to exchange data, which may cause a security compromise.
A security method based on a wireless AP may repeatedly use a destination address (DA) and a source address (SA) corresponding to unique information. Additionally, the terminal may use an SSID when connecting to a network, and a non-authorized user may obtain information even though the user is unauthorized to do so.